The Threat Show

The Threat Show Ep. 12 w/ Aaron Didier

Welcome to The Threat Show powered by Fletch! This week we sat down with Aaron Didier, a Threat Intelligence Analyst for Red Canary. 

Aaron talks to us about threat intelligence and sheds light on some of the most common mistakes he sees and how they can be avoided. The team also discusses four major threats you need to know about.

Heads up! Xdr33, A Variant Of CIA’s HIVE Attack Kit Emerges    (02:31)

360Netlab, a Chinese threat intel group, has discovered malware that they have traced back to a leak of the CIA Hive attack kit. Tactics and malware previously designed and used by nation states to go after governments are being repurposed to target consumers.

Disclosing a New Vulnerability in JWT Secret Poisoning    (04:35)

JsonWebToken (JWT) has a vulnerability that can cause remote code execution in servers that process it. An adversary can send a malformed JWT to bypass authorization and trigger remote code execution.

After targeting water sector, HC3 confirms Clop ransomware attacks against healthcare organizations    (06:06)

The Clop ransomware group is targeting the health and public health (HPH) sector. The malware is delivered to organizations through spear phishing campaigns.

SpyNote: Spyware with RAT capabilities targeting Financial Institutions    (09:57)

SpyNote is a new type of malware that is targeting Android devices and going after financial institutions. Banking institutions and customers are both at risk from this threat.

Interview with Aaron Didier    (13:06)

Aaron talks to us about threat intelligence and sheds light on some of the most common mistakes he sees and how they can be avoided.